POC Android botnet – Command and Control Channel over SMS

To avoid detection, this proof-of-concept code utilizes the Short Messaging Service (SMS) as a command & control channel. This adds fault tolerance because, if a smartphone is not available on the GSM network due to being powered off or out of service range, when an SMS message arrives for delivery, the message is queued and delivered by the network. Download the POC code from Here. Compiling instructions are simple and straight forward. Please follow these: Compile with arm-gcc with the -static flag set Copy to anywhere on the underlying OS that is writable (/data/ is good). Rename /dev/smd0/ to /dev/smd0real/ Start the bot application Kill the radio application (ps | grep rild) The radio will automatically respawn and now the bot proxy will be working Shmoocon 2011 Smartphone Botnets over SMS Demo from Georgia Weidman on Vimeo.   The PoC code for smartphone botnet C&C over SMS was presented at the Shmoocon held in January 2011. It seems that the author also has it working for the iPhone platform! For sanity purposes, the PoC code has payloads aka commands removed. So what you see in the demo video will need to be added manually. It however does include logging and a local open port for testing to make developing your own payloads easier!

puts the internet to work for you. via task 796658